<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
</head>
<body>
    <div id="result" text="FAIL">PASS</div>

    <script>
      if (window.testRunner)
        testRunner.dumpAsText();
      a=document.createElement('script');
      a.src='http://localhost:8000/security/contentSecurityPolicy/resources/script.js';
      document.body.appendChild(a);
    </script>
</body>
</html>
